SAP-C02 · Question #874
SAP-C02 Question #874: Real Exam Question with Answer & Explanation
The correct answer is A: Configure AWS Trusted Advisor to send Exposed Access Keys security events to Amazon. Trusted Advisor detects exposed access keys and can publish these security events to EventBridge, which can trigger an automated remediation workflow with minimal setup. The remediation workflow needs to (1) disable/delete the exposed keys, (2) query CloudTrail to enumerate API a
Question
A company stores confidential data in a private Amazon S3 bucket. The company use IAM keys to download the data for local analytics. The company must set up automatic remediations for any IAM access keys that become publicly exposed. The remediation solution must generate a list of actions that were taken by using the exposed access keys. The solution must send a list of the actions to the company through an email message. Which combination of solutions will meet these requirements? (Choose two.)
Options
- AConfigure AWS Trusted Advisor to send Exposed Access Keys security events to Amazon
- BConfigure AWS Audit Manager to send Exposed Access Keys security events to Amazon SQS
- CConfigure Amazon Inspector to send Exposed Access Keys security events to Amazon
- DCreate three AWS Lambda functions to run concurrently to handle the remediation workflow.
- ECreate three AWS Lambda functions to run sequentially to handle the remediation workflow.
Explanation
Trusted Advisor detects exposed access keys and can publish these security events to EventBridge, which can trigger an automated remediation workflow with minimal setup. The remediation workflow needs to (1) disable/delete the exposed keys, (2) query CloudTrail to enumerate API actions taken with those keys, and (3) send the findings by email (e.g., via SNS). Three Lambda functions implementing these steps satisfy the reporting and notification
Community Discussion
No community discussion yet for this question.